Challenge
A large multi-utility energy provider needed to safeguard its electrical transmission and distribution infrastructure against cyberattacks. Following federal guidance and global security incidents, the organization aimed to test the resilience of its IT and operational technology (OT) networks, ensuring that the systems delivering power to millions of customers could continue operating even if the IT network were compromised.
Each utility operated with complex interdependencies across dozens of systems and multiple support teams, making it critical to identify impacts, map connections, and develop a controlled procedure for isolating IT from OT systems without disrupting operations.
Solution
Acting as a subcontractor to a consulting partner, the team conducted technical analysis and documentation to support cyber resilience exercises at each utility. They gathered detailed information on system interconnections, dependencies, and impacts to inform testing procedures.
The team created test plans, developed step-by-step technical procedures, and coordinated controlled network disconnection and reconnection exercises. This ensured the exercises could be executed safely while maintaining operational continuity, with all findings and procedures fully documented for future reference.
Services Delivered
- Technical writing and documentation
- Network discovery and dependency mapping
- Test planning and execution
- Step-by-step procedure development
Benefit
The engagement produced successful IT/OT network disconnect tests, comprehensive documentation, and actionable recommendations for network design upgrades and backup procedures, enhancing the utilities’ readiness for cyberattacks and strengthening critical infrastructure resilience.
